CVE-2023-1138

Summary

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain an improper access control vulnerability, which could allow an attacker to retrieve Gateway configuration files to obtain plaintext credentials.

Affected Software

VendorProductVersion RangeStatus
Delta ElectronicsInfraSuite Device Master0 < 1.0.5affected

Weaknesses

  • CWE-284

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References